LDAP problem. Wildfire 2.4.4 and OpenLDAP

Hello,

I am using standard OpenLDAP on a remote server (port open) embedded in debian etch testing (the server works for other applications).

However, I am unable to make wildfire work with ldap.

I just followed the official guide: http://www.jivesoftware.org/builds/wildfire/docs/latest/documentation/ldap-guide.html

This sounds very clear to me, but upon configuration this simply doesn't work.

I put the server in debug mode. No problem at startup.

When I try to log in with an already existing person in ldap, here is the debug trace (debug.log):

2006.02.15 14:20:10 Created new LdapManager() instance, fields:
2006.02.15 14:20:10 host: ist-guizay.univ-st-etienne.fr
2006.02.15 14:20:10 port: 389
2006.02.15 14:20:10 usernamefield: uid
2006.02.15 14:20:10 baseDN: ou=person,o=istase,c=fr
2006.02.15 14:20:10 alternateBaseDN: null
2006.02.15 14:20:10 nameField: cn
2006.02.15 14:20:10 emailField: mail
2006.02.15 14:20:10 adminDN: *******
2006.02.15 14:20:10 adminPassword: ********
2006.02.15 14:20:10 searchFilter: (uid=)
2006.02.15 14:20:10 ldapDebugEnabled: false
2006.02.15 14:20:10 sslEnabled: false
2006.02.15 14:20:10 initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
2006.02.15 14:20:10 connectionPoolEnabled: true
2006.02.15 14:20:10 autoFollowReferrals: false
2006.02.15 14:20:10 groupNameField: cn
2006.02.15 14:20:10 groupMemberField: member
2006.02.15 14:20:10 groupDescriptionField: description
2006.02.15 14:20:10 posixMode: false
2006.02.15 14:20:10 groupSearchFilter: (member=)

2006.02.15 14:20:13 Loading plugin admin

2006.02.15 14:20:18 Loading plugin search

2006.02.15 14:20:22 Connect Socket[addr=/161.3.50.180,port=55345,localport=5222]

2006.02.15 14:20:22 Logging off istapr80.univ-st-etienne.fr/ffbc267f on org.jivesoftware.wildfire.net.SocketConnection@f6f1b6 socket: Socket[addr=/161.3.50.180,port=55345,localport=5222] session: org.jivesoftware.wildfire.ClientSession@1cfd3b2 status: 1 address: istapr80.univ-st-etienne.fr/ffbc267f id: ffbc267f presence:

It's really been a couple of days that I have tried debug and tcpdump, but neither gives me any clue where to search. Please, does anybody have any clue, or have wildfire and ldap working? (I saw on the forum that there are so few problems with ldap. I can't explain mine).

Thanks in advance.

Best Regards,

Christophe.
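Added example, not part of the original thread and not Wildfire code: a small audit of the LdapManager field dump shown in the post above, flagging a configuration in which bind passwords cross the network unencrypted (here `sslEnabled: false` on port 389). The sample log is constructed, and `parse_ldap_fields` and `audit_transport` are hypothetical helper names.

```python
import re

# Constructed sample in the layout of the LdapManager field dump quoted in the
# post above; the host name and DNs are placeholders.
SAMPLE_LOG = """\
2006.02.15 14:20:10 Created new LdapManager() instance, fields:
2006.02.15 14:20:10 host: ldap.example.org
2006.02.15 14:20:10 port: 389
2006.02.15 14:20:10 baseDN: ou=person,o=example,c=fr
2006.02.15 14:20:10 adminDN: cn=wildfire,o=example,c=fr
2006.02.15 14:20:10 sslEnabled: false
2006.02.15 14:20:10 connectionPoolEnabled: true
2006.02.15 14:20:13 Loading plugin admin
"""

# "<date> <time> <name>: <value>", the shape of each dumped field.
FIELD = re.compile(r"^\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2} (\w+): ?(.*)$")

def parse_ldap_fields(log_text):
    """Return the fields of the last LdapManager dump found in debug.log text."""
    fields, in_dump = {}, False
    for line in log_text.splitlines():
        line = line.strip()
        if "Created new LdapManager() instance" in line:
            fields, in_dump = {}, True      # a restart prints a fresh dump
        elif in_dump and line:
            match = FIELD.match(line)
            if match:
                fields[match.group(1)] = match.group(2).strip()
            else:
                in_dump = False             # first non-field line ends the dump
    return fields

def audit_transport(fields):
    """List findings about how bind credentials travel to the directory."""
    findings = []
    port = fields.get("port", "?")
    if fields.get("sslEnabled", "false").lower() != "true":
        findings.append(f"sslEnabled is false: binds to port {port} carry "
                        "passwords in cleartext")
        if fields.get("adminDN", "null") not in ("", "null"):
            findings.append("adminDN is set: the service account password "
                            "is exposed on the same connection")
    elif port == "389":
        findings.append("sslEnabled is true but port is 389: confirm the "
                        "server accepts LDAPS there (636 is the usual port)")
    return findings

if __name__ == "__main__":
    for finding in audit_transport(parse_ldap_fields(SAMPLE_LOG)):
        print("-", finding)
```

The parser skips blank lines, so it also accepts a dump pasted with empty lines between the fields.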

I mean nobody uses LDAP or user/group storage with 2.4.4 ?

This is really driving me mad for days; the more I look around, the less I can find what exactly is the matter there.

Cheers.

Christophe

Can you tell me what sort of problem you have? I have almost the same setup as you, and it works fine for me (except for an issue with shared groups which should be fixed soon). Do you have a need for an admin user/password? Many LDAP setups just allow anonymous access that work fine for Wildfire.

Can you perform ldap queries from the commandline on the same host? Try something like this:

ldapsearch -x -D "cn=AdminDN,dc=host,dc=fr" -W "(uid=username)" dn

Where cn=AdminDN,dc=host,dc=fr is your AdminDN, or leave off the -D "adminDN" -W options for an anonymous query. username should be the username of an existing user. If this fails, then the problem is with your network connection.

My problem is that my psi client (neither gaim) can gain access to jabber.

Client side I have: (sorry this is translation).

"There was an error while communicating with jabber server.

Details: Authentication error. No adapted mechanism available for the given security settings"

ldapsearch -h ist-guizay.univ-st-etienne.fr -b ou=person,o=istase,c=fr -x -D "myAdminDN" -W "(uid=gravier.christophe)"

Enter LDAP Password:

# extended LDIF
# LDAPv3
# base <ou=person,o=istase,c=fr> with scope sub
# filter: (uid=gravier.christophe)
# requesting: ALL

# gravier.christophe, person, istase, fr
dn: uid=gravier.christophe,ou=person,o=istase,c=fr

So it's all good.

While writing this post, I thought of “for the given security settings”.

Well I thought it was security settings server side.

But if it was a problem client side??? If psi tells me "I can't connect to this server regarding the security you ask for in the account information".

Haaaa, (hitting forehead) !!! I ticked "allow unencrypted connection" (I wanted to go problem by problem and so leave encryption aside for now).

That's it! (hope this piece of info will help dumb admins like me).

I don't allow anonymous search (but anonymous bind of course) so if I put ldapAdmindn and password out, it's still working like a charm.

Nevertheless, it is still not optimal: I can't get information retrieval (vcard setup).

In order to have a try, I filled in all the info for vcard in wildfire.xml. But this simply doesn't work (no message in logs):







postalCode










istase
istase




]]>
If I try to put :

<![CDATA[
<vCard xmlns='vcard-temp'>

]]>

only, this doesn't work either (shall the vcard be entirely completed in order to be read)?

Where does wildfire store vcard interrogation? (Client side, if I click "retrieve information", I don't see any line in debug.conf).

So, first, do vcards work for you?

For people that will search in the future:

You have to add

in your provider tag (I commented it for test purpose and forgot to uncomment -.-’’).

cgravier

Interesting, you ask and you answer yourself, true admin

regards,

wmhtet

Yeah …

In fact I just remembered I added the vcard provider and was absolutely sure it was uncommented. So even when reading it, I couldn't see the markup (You just read what you expect to be written).

Anyway, I searched for 3 days on those problems and when writing them down, it just lit up.

Answers are for future searches for people in the mist!

And thanks for your piece of advice.

PS: wildfire + ldaps + ssl is just something really great, congratulations to developers.